From: Jonathan Wakely
Date: Fri, 19 Apr 2024 10:33:44 +0100
Subject: Re: Updated Sourceware infrastructure plans
To: Mark Wielaard
Cc: overseers@sourceware.org, gcc@gcc.gnu.org, binutils@sourceware.org, gdb@sourceware.org, libc-alpha@sourceware.org
In-Reply-To: <20240417232725.GC25080@gnu.wildebeest.org>

On Thu, 18 Apr 2024 at 00:28, Mark Wielaard wrote:
> We also encourage projects to use signed git commits where it makes
> sense. This can be done through the gitsigur process which supports
> hooks to only allow known (registered) signatures.
> https://inbox.sourceware.org/overseers/ZIz4NB%2FAqWpSNj5d@elastic.org/
> But can of course also be done in other ways. See this overview of how
> gitsigur, sigstore and b4 can provide a signed commit/release workflow:
> https://inbox.sourceware.org/overseers/ZJ3Tihvu6GbOb8%2FR@elastic.org/

Would it be possible for gitsigur to support signing commits with ssh keys as well as gpg? Git supports this, and it's much easier for everybody than having to set up gpg.

We already need an SSH key on sourceware.org to push to Git, so all those public keys could be treated as trusted (via git config gpg.ssh.allowedSignersFile). You could then sign your commits with the same key that you use to push to sourceware.

Does requiring using a second, different key to sign commits really add any value? If somebody has compromised my ssh key and can push to sourceware, are we hoping that they won't have compromised my gpg key as well?

I'm already signing my GCC commits that way, without needing to use gpg or gitsigur:

commit 7c2a9dbcc2c1cb1563774068c59d5e09edc59f06 [r14-10008-g7c2a9dbcc2c1cb]
Good "git" signature for jwakely@redhat.com with RSA key SHA256:8rFaYhDWn09c3vjsYIg2JE9aSpcxzTnCqajoKevrUUo
Author: Jonathan Wakely
Date: Thu Mar 21 23:09:14 2024
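
An added example, not part of the message above and not gitsigur or Sourceware code: one way a server could turn the SSH public keys accounts already use for pushing into an allowed signers file restricted to the "git" signature namespace, and compute the SHA256 fingerprint Git reports for a good signature. The account mapping, principal names and sample key are constructed, and skipping options-prefixed keys is an assumption of this sketch.

```python
import base64
import hashlib
import struct

def ssh_string(data: bytes) -> bytes:
    """Length-prefixed string as used inside SSH public key blobs."""
    return struct.pack(">I", len(data)) + data

def blob_key_type(blob: bytes) -> str:
    """Read the key type embedded at the start of a public key blob."""
    if len(blob) < 4:
        raise ValueError("blob too short")
    (n,) = struct.unpack(">I", blob[:4])
    if n == 0 or 4 + n > len(blob):
        raise ValueError("bad length prefix")
    return blob[4:4 + n].decode("ascii")

def fingerprint(blob: bytes) -> str:
    """SHA256 fingerprint: unpadded base64 of the SHA-256 of the blob."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def allowed_signers(accounts: dict) -> list:
    """Turn {principal: [authorized_keys lines]} into allowed signers lines.

    Comments, options-prefixed entries, malformed base64 and keys whose
    declared type differs from the type inside the blob are skipped.
    """
    out = []
    for principal, lines in sorted(accounts.items()):
        for line in lines:
            fields = line.split()
            if len(fields) < 2 or not fields[0].startswith(("ssh-", "ecdsa-", "sk-")):
                continue
            try:
                blob = base64.b64decode(fields[1], validate=True)
                if blob_key_type(blob) != fields[0]:
                    continue
            except ValueError:  # bad base64 or non-ASCII type string
                continue
            out.append(f'{principal} namespaces="git" {fields[0]} {fields[1]}')
    return out

# Constructed sample data: a well-formed blob, not a real key.
GOOD = base64.b64encode(ssh_string(b"ssh-ed25519") + ssh_string(bytes(range(32)))).decode()
SAMPLE = {"dev@example.org": [
    f"ssh-ed25519 {GOOD} dev@laptop",
    f"ssh-rsa {GOOD} mislabelled",               # type mismatch, skipped
    f'command="/bin/false" ssh-ed25519 {GOOD}',  # options-prefixed, skipped
]}
```

Writing the returned lines to a file and pointing `git config gpg.ssh.allowedSignersFile` at it is what lets `git verify-commit` report a good signature for those principals.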